Patrick Baus
|
61af45e872
|
Enabled HTTP_X_FORWARDED_PROTO header detection. It was disabled for testing.
|
2016-08-11 02:45:18 +02:00 |
|
Patrick Baus
|
dd6e9583a2
|
Fixed request smuggling vulnerability. See: https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_HTTP_Request/Response_Smuggling
According to https://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader%28%29-method, the header should be ignored anyway if those properties were set.
|
2016-08-11 01:48:12 +02:00 |
|
Patrick Baus
|
665dbc2690
|
Fixed detection of SSL encryption, when a reverse proxy is used, that does the encryption.
If the server sets the HTTP_X_FORWARDED_PROTO header to 'https' or the
HTTP_X_FORWARDED_SSL header to 'on' SSL encryption is assumed
|
2016-08-11 01:32:41 +02:00 |
|
Deon George
|
fa88250f0e
|
Merge pull request #32 from jsdevel/fixing-sflogo-protocol-for-reverse-proxies
Changing the sourceforge logo to be protocol relative.
|
2015-12-07 16:56:41 +11:00 |
|
jsdevel
|
0491916d90
|
Changing the sourceforge logo to be protocol relative.
* This allows the browser to resolve the URL against the protocol the user used, not what a reverse proxy used.
|
2015-12-05 23:02:11 -07:00 |
|
Deon George
|
c004a291d7
|
Merge pull request #19 from scollin/master
Fix some monitor information problems
|
2015-02-23 12:40:32 -08:00 |
|
Sébastien Collin
|
54191d7ffb
|
Fix some monitor information problems
Fix some monitor information problems as reported by @brendankearney
|
2015-01-30 13:56:29 +01:00 |
|
Deon George
|
9e283f369f
|
Merge pull request #13 from DevoKun/master
Changed password_hash to pla_password_hash in a few places where it was still password_hash.
|
2014-10-08 12:30:58 +11:00 |
|
Devon Hubner
|
19114385fc
|
Changed password_hash to pla_password_hash in a few places where it was still password_hash.
|
2014-10-07 14:25:32 -04:00 |
|
Deon George
|
7701e98bcc
|
Merge pull request #11 from robgloess/patch-1
Fixed parse error in TemplateRender.php
|
2014-10-07 12:54:51 +11:00 |
|
robgloess
|
d4c2fb52ab
|
Update TemplateRender.php
Fixed typo on 1682 - parse issue, non escaped " ' " causing error to be thrown
|
2014-09-30 22:28:09 +01:00 |
|
Deon George
|
7cbdd0c8db
|
Merge pull request #9 from uda/master
Minor doc changes
|
2014-09-23 15:59:42 +10:00 |
|
Yehuda Deutsch
|
afec12d163
|
Rename INSTALL to INSTALL.md
|
2014-09-21 11:11:07 +03:00 |
|
Yehuda Deutsch
|
a4a602b6ec
|
Created README.md
|
2014-09-21 11:10:30 +03:00 |
|
Deon George
|
e1952cddb6
|
Merge pull request #6 from marclaporte/patch-2
typos
|
2014-09-18 12:32:56 +10:00 |
|
Deon George
|
ee415fe8c6
|
Merge pull request #5 from marclaporte/patch-1
typo
|
2014-09-18 12:32:08 +10:00 |
|
Deon George
|
eca5c4ea9f
|
Merge pull request #8 from pteague/master
Modified posixAccount Shell selection
|
2014-09-18 12:31:19 +10:00 |
|
Patrick Teague
|
a01752a68c
|
* Fixed posixAccount Shell so that 'Bash' is actually bash and not shell. Also added Shell, Dash, False, and No Login
|
2014-09-16 14:53:52 -05:00 |
|
Marc Laporte
|
ba90f86e7b
|
typos
|
2014-07-25 23:04:40 -04:00 |
|
Marc Laporte
|
6135f94a51
|
typo
|
2014-07-25 20:36:21 -04:00 |
|
Deon George
|
f7c4bd311a
|
Merge pull request #4 from ivdmeer/master
Bugfix: fixed call to renamed function pla_password_hash.
|
2014-06-05 13:00:27 +10:00 |
|
Ivo van der Meer
|
c736ecd8c2
|
Bugfix: fixed call to renamed function pla_password_hash.
|
2014-06-04 10:48:06 +02:00 |
|
Deon George
|
d2a800878f
|
Merge pull request #3 from bchavet/master
Use preg_replace_callback instead of /e in preg_replace
|
2014-06-04 13:43:52 +10:00 |
|
Ben Chavet
|
5a7edc892f
|
Use preg_replace_callback instead of /e in preg_replace to fix E_DEPRECATED warnings
|
2014-05-29 18:57:44 +00:00 |
|
Deon George
|
d258398b68
|
Merge pull request #2 from archayl/php55fix
Php55fix
|
2014-05-14 09:05:39 +10:00 |
|
Mohamad Elrashidin Bin Sajeli
|
b082cf1742
|
Changed preg_replace to preg_replace callback
|
2014-05-08 20:40:57 +08:00 |
|
Mohamad Elrashidin Bin Sajeli
|
e673df3ba8
|
Changed password_hash to pla_password_hash
|
2014-05-08 20:22:30 +08:00 |
|
Deon George
|
cfbee19721
|
Release 1.2.3
|
2012-10-01 16:54:14 +10:00 |
|
Deon George
|
092db24f99
|
Update template to show multiselect values
|
2012-10-01 16:47:53 +10:00 |
|
Deon George
|
927e515df3
|
Language update from launchpad for 1.2.3 (also see #30)
|
2012-09-06 13:00:06 +10:00 |
|
Deon George
|
bbedf18b7e
|
SF Bug #3531956 - Search / Show Attributes must be lowercase
|
2012-09-05 22:44:46 +10:00 |
|
Deon George
|
f1ed59a35e
|
SF Bug #3518548 - Missing attributes on some custom forms
|
2012-09-05 22:18:31 +10:00 |
|
Deon George
|
55fa21af26
|
SF Bug #3513210 - Export to VCARD only exports the last entry in the list
|
2012-09-05 21:57:17 +10:00 |
|
Deon George
|
f28d535948
|
SF Bug #3510648 - Cannot copy between servers
|
2012-09-05 21:54:42 +10:00 |
|
Deon George
|
2f70eb41b3
|
SF Bug #3510114 - Unable to check passwords when samba hashes are in lowercase
|
2012-09-05 21:25:50 +10:00 |
|
Deon George
|
6b9834a054
|
SF Bug #3452416 - templates <order> non-functional
|
2012-09-05 20:23:17 +10:00 |
|
Deon George
|
caf24e3662
|
SF Bug #3427748 - value id is ignored in select attribute
|
2012-09-05 20:02:14 +10:00 |
|
Roland Gruber
|
c4b6695beb
|
SF Bug #3448530 - Treat krbExtraData and krbPrincipalKey as binary
|
2012-09-04 15:09:24 +10:00 |
|
Deon George
|
74434e5ca3
|
SF Bug #3497660 - XSS flaws via 'export', 'add_value_form' and 'dn' variables
|
2012-09-03 07:16:34 +10:00 |
|
Deon George
|
88d41216f9
|
SF Bug #3426575 - clicking 'logout' does not unset _SESSION['ACTIVITY']
|
2012-09-03 06:19:19 +10:00 |
|
Paweł Tomulik
|
09c5e3a8da
|
SF Feature #3555472 - User-friendly items in entry chooser window.
|
2012-09-01 11:43:14 +10:00 |
|
Jean-Philippe Ghibaudo
|
21959715c3
|
SF Feature #3509651 - Add support for SHA512 with OpenLDAP
|
2012-09-01 11:31:38 +10:00 |
|
Roland Gruber
|
3690ad16f0
|
SF Patch #3469148 - Display mass edit actions as buttons
|
2012-08-29 22:01:43 +10:00 |
|
Deon George
|
7dc8d57d69
|
SF Bug #3477910 - XSS vulnerability in query
|
2012-01-24 12:38:47 +11:00 |
|
Deon George
|
dece0f496f
|
Release 1.2.2
|
2011-10-27 13:07:09 +11:00 |
|
Deon George
|
d58f011fbb
|
Language Translation merge from launchpad
|
2011-10-27 13:06:53 +11:00 |
|
Deon George
|
696c266eee
|
Additional fix for SF Feature #3387473
|
2011-10-27 12:55:24 +11:00 |
|
Caleb Callaway
|
2d018aad7b
|
SF Feature #3387473 - Support for schema discovery using OpenLDAP's cn=config DN
|
2011-10-13 08:18:10 +11:00 |
|
Deon George
|
cddf783c27
|
Add an alert when RFC3866 tags are being used
|
2011-10-06 16:16:27 +11:00 |
|
Deon George
|
1e1fcabb3d
|
SF Bug #3398344 - Import LDIF overwrites entries
|
2011-10-06 14:29:35 +11:00 |
|